30579096's repositories
hostscan
自动化Host碰撞工具,帮助红队快速扩展网络边界,获取更多目标点
KRBUACBypass
UAC Bypass By Abusing Kerberos Tickets
SQLRecon
A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.
PySQLTools
Mssql利用工具
wxapkg
微信小程序反编译工具,.wxapkg 文件扫描 + 解密 + 解包工具
SecurityList
A list for Web Security and Code Audit
S4UTomato
Escalate Service Account To LocalSystem via Kerberos
netspy
netspy是一款快速探测内网可达网段工具(深信服深蓝实验室天威战队强力驱动)
citrixInspector
Accurately fingerprint and detect vulnerable (and patched!) versions of Netscaler / Citrix ADC to CVE-2023-3519
sliver
Adversary Emulation Framework
MemShell
MemShell List
SpringBootAdmin-thymeleaf-SSTI
SpringBootAdmin-thymeleaf-SSTI which can cause RCE
jsluice
Extract URLs, paths, secrets, and other interesting bits from JavaScript
cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
AsteriskPassword
AsteriskPassword,基于C++&MFC开发的星号密码查看器
Awesome-CloudSec-Labs
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
sliver-gui
A Sliver GUI Client
peirates
Peirates - Kubernetes Penetration Testing tool
CVE-2023-0669
GoAnywhere MFT CVE-2023-0669 LicenseResponseServlet Deserialization Vulnerabilities Python RCE PoC(Proof of Concept)
pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
byp4xx
40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...
BurpSuite_403Bypasser
Burpsuite Extension to bypass 403 restricted directory
WMIExec
Set of python scripts which perform different ways of command execution via WMI protocol.
KubiScan
A tool to scan Kubernetes cluster for risky permissions
adidnsdump
Active Directory Integrated DNS dumping by any authenticated user
dcomhijack
Lateral Movement Using DCOM and DLL Hijacking
GoWxDump
SharpWxDump的Go语言版。微信客户端取证,获取信息(微信号、手机号、昵称),微信聊天记录分析(Top N聊天的人、统计聊天最频繁的好友排行、关键词列表搜索等)
SSSD-creds
Script to extract the cached credentials from SSSD, getting Active Directory credentials from Unix systems